diff options
| author | Neels Hofmeyr <neels@hofmeyr.de> | 2018-01-17 13:20:02 +0100 |
|---|---|---|
| committer | Neels Hofmeyr <neels@hofmeyr.de> | 2018-01-17 13:27:55 +0100 |
| commit | 5e518b5b4c9abb404055f38c2fc5061bf5530493 (patch) | |
| tree | c6e939e3102f9148da541d3835c574e473bea9dd | |
| parent | e653472573323a9abf910555fe38eb34b1f42840 (diff) | |
fix -Werror build: logging.c: always use literal with snprintf
A recent commit added an snprintf that passes a pointer to a literal directly
to snprintf. Since passing pointers to printf formats is a vulnerability in
case user supplied data may be passed in the format, modern compilers warn
against that, which breaks our -Werror builds. Even though this is just a
pointer to a literal, it needs to be an actual literal to make compilers happy.
Use printf("%s", c) instead of printf(c).
Note that our current build slave's gcc does not enforce that yet, while newer
compilers do.
logging.c:338:4: warning: format not a string literal and no format arguments [-Wformat-security]
ret = snprintf(buf + offset, rem, c_subsys);
Change-Id: Ifa4eb8a9fab66dcd987986065351b4a06421f1ec
| -rw-r--r-- | src/logging.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/logging.c b/src/logging.c index a6aa7eba..9b37bf53 100644 --- a/src/logging.c +++ b/src/logging.c @@ -335,7 +335,7 @@ static void _output(struct log_target *target, unsigned int subsys, if (target->use_color) { c_subsys = color(subsys); if (c_subsys) { - ret = snprintf(buf + offset, rem, c_subsys); + ret = snprintf(buf + offset, rem, "%s", c_subsys); if (ret < 0) goto err; OSMO_SNPRINTF_RET(ret, rem, offset, len); |